package com.lantu.image;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.log4j.Logger;

import com.lantu.draw.framework.SpringUtil;
import com.lantu.draw.svgimg.service.SVGImageService;
/**
 * 图片访问权限认证
 * @author wanghao
 *
 */
@WebServlet("/imgauth.do")
public class ImgAuthServlet extends HttpServlet {
	
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		logger.info("doGet....");
		Object obj=SpringUtil.getBean("SVGImageServiceImpl");
		logger.info(obj==null);
		SVGImageService service=(SVGImageService)obj;
		String url=	request.getParameter("url");
		String idcard=	request.getParameter("idcard");
		//权限判断
		//if(request.isRequestedSessionIdValid()&&request.getSession().getAttribute("userid")!=null){//通过权限
		
		if(service.isHasAuth(url, idcard))//图片业务权限判断
		{
			logger.warn("通过权限");
				response.setHeader("X-Accel-Redirect",url);
			
		}else{
			logger.warn("无权限");
			response.setStatus(404);
		}
		
	}
	private static final Logger logger = Logger.getLogger(ImgAuthServlet.class);
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		
	}
	protected void doOptions(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		logger.info("doOptions");
		//response.setHeader("Content-Disposition","attachment;");  
		//response.setHeader("Content-Type","application/octet-stream");
	    	
	}
}
